Help w/ smb.conf file
Hi,
I am trying to setup a simple read/write samba share on a RHEL 3.0 box with User Security. I need to be able to read/write from Windows XP/2003 machines as well. I setup local accounts and smbuser accounts on the Linux machine to match the accounts on the Windows 2003 domain server. I can see the share in Windows Network Neighborhood and I can read from it, but never can write to it. Here is the smb.conf file I tried based on the RedHat's How-To guide: ******************************************************* [global] workgroup = TEST netbios name = testlinux security = user [public] comment = Samba Shared Directory path = /share read only = No ******************************************************** Can someone tell me what I need to do to setup a read/write samba share with user security on RHEL 3.0 and WinXP/2003? Thanks for any suggestions |
I have
writeable = yes in smb.conf You may also want to check the permissions (attributes) at the linux level on you shared directories and files. |
I checked permissions on the shared folder and all groups have read/write access.....
|
Humor me,
do an ls -al on the directory being shared. post that here. |
ok, i did ls -al on the /share directory (Samba Shared Folder) and here is the output:
total 8 drwxrwxrwx 2 root root 4096 Aug 24 14:36 . drwxr-xr-x 22 root root 4096 Aug 24 14:44 .. -rwSrwsrwT 1 root root 0 Aug 24 14:36 testfile.txt But when I view the directory permissions in the GUI, it shows that all groups have read/write/execute....i'm confused... |
Okay,
Im confused too; i've never been good at deciphering 'sticky' bits in the attribs... anyway, one thing I notice is that everything there is owned by root. In my implementation, for samba users i created a group called: hmntwk (for home network) and added each expected samba user to that group. So one of the samba user's username is frank. do a chown -R frank:hmntwk /share Each member of the group can then participate in sharing files with the appropriate attributes. Anyway I am hoping for some additional assistance here... Edit: okay, in my shared folder the attributes are set: -rwxrw-r-- So the file owner can rwx, the group members can rw. You can set this up how u like. For the above chmod 764 * will accomplish... |
can someone smarter than us pls. assist.... i
thx! bumping up. |
sample directory folder for all groups
[sample dir] comment = everybody can log on path = path of your directory ex: /home/sample\ /dir writable = yes public = yes create mode =0775 directory mask = 0774 directory security mask = 0777 groupadd nobody chown nobody.nobody /sample\ /dir sample dir for a specific group user [sample dir] comment = for user group only path = path of your directory ex: /home/sample\ /dir writable = yes public = yes write list = @user create mode =0664 directory mask = 0774 directory security mask = 0777 force group = user valid user = @user groupadd user chown .user /sample\ /dir useradd -s /bin/bash -G user [name] smbpasswd -a [name] hope it can help |
the config file I'm hacking
I have been fighting with similar issues. I have my shares viewable from my XP network places--however, I have permissions problems which don't allow me to write to these directories... windows thinks there is 0 disk space available. Anywhere here is the config file I've been hacking... adding comments and examples from other posting found today--sorry I should have tracked the threads so I could credit sources. They are all from linuxquestions.
# This is a hacked file including samples found in posts made by others on this site # # This is the main Samba configuration file. You should read the # smb.conf(5) manual page in order to understand the options listed # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you # may wish to enable # # NOTE: Whenever you modify this file you should run the command "testparm" # to check that you have not made any basic syntactic errors. [global] workgroup = [WORKGROUP] server string = [SERERNAME DESCRIPTION] hosts allow = 192.168. # added 05aug26 to get windows workgroups working - next 3 lines # netbios name = [SERVERNAME] security = user # Browser Control Options: # set local master to no if you don't want Samba to become a master # browser on your network. Otherwise the normal election rules apply local master = no #[printers] # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer # NOTE2: If you want to automatically load your printer list rather # than setting them up individually then you'll need this printcap name = /etc/printcap load printers = yes # It should not be necessary to spell out the print system type unless # yours is non-standard. Currently supported print systems include: # bsd, sysv, plp, lprng, aix, hpux, qnx ; printing = cups # This option tells cups that the data has already been rasterized ; cups options = raw # Uncomment this if you want a guest account, you must add this to /etc/passwd # otherwise the user "nobody" is used ; guest account = pcguest ; comment = All Printers ; path = /var/spool/samba # NOTE: Set public = yes to allow user 'guest account' to print ; guest ok = no ; printable = yes load printers = yes printing = lprng browseable = yes # this tells samba to use a separate log file for each machine # that connects log file = /var/log/samba/%m.log # put a capping on the size of the log files (in Kb) max log size = 0 # security mode. Most people will want user level security. See # security_level.txt for details. Nextline would not be commented out, # but matt commented it out when the lan log-in server went away ; security = server ; password server = 192.168.1.1 # could also have been an NT server using ; password server = <NT-Server-Name> # Password Level allows matching fo _n_characters of the password for # all cobinations of upper and lower case. ; password level = 8 ; username level = 8 encrypt passwords = yes smb passwd file = /etc/samba/smbpasswd dns proxy = no # The following are needed to allow password changing from windoes to # update the Linux systempassword also. # NOTE: Use these with 'encrypt passwords' and 'smb passwd file' above. # NOTE2: You do NOT need these to allow workstations to change only # the encrypted SMB passwords. They allow the Unix password # to be kept in sync with the SMB password. unix password sync = Yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password*%n\n *passwd:*all*authentication*tokens*updated*successfully* # Unix users can map to differentSMB User names username map = /etc/samba/smbusers # Most people will find that this option gives better performance. # See speed.txt and manual pages for details socket options = TCP_NODELAY SO_SNDBUF=8192 SO_RCVBUF=8192 # Configure Samba to use multiple interfaces # If you have multiple network interfaces they you must list them # here. See the man page for details. # interfaces = 192.168.12.2/24 192.168.13.2/24 # Configure remote browse list synchronisation here # request announcement to, or browse list sync from: # a specific host or from / to a whole subnet (see below) ; remote browse sync = 192.168.3.25 192.168.5.255 # Cause this host to announce itself to local subnets here ; remote announce = 192.168.1.255 192.168.2.44 # OS Level determines the precedence of this server in master browser # elections. The default value should be reasonable ; os level = 33 # Domain Master specifies Samba to be the Domain Master Browser. This # allows Samba to collate browse lists between subnets. Don't use this # if you already have a Windows NT domain controller doing this job ; domain master = yes # Preferred Master causes Samba to force a local browser election on startup # and gives it a slightly higher chance of winning the election ; preferred master = yes # Enable this if you want Samba to be a domain logon server for # Windows95 workstations. ; domain logons = yes # if you enable domain logons then you may want a per-machine or # per user logon script # run a specific logon batch file per workstation (machine) ; logon script = %m.bat # run a specific logon batch file per username ; logon script = %U.bat # Where to store roving profiles (only for Win95 and WinNT) # %L substitutes for this servers netbios name, %U is username # You must uncomment the [Profiles] share below ; logon path = \\%L\Profiles\%U # All NetBIOS names must be resolved to IP Addresses # 'Name Resolve Order' allows the named resolution mechanism to be specified # the default order is "host lmhosts wins bcast". "host" means use the unix # system gethostbyname() function call that will use either /etc/hosts OR # DNS or NIS depending on the settings of /etc/host.config, /etc/nsswitch.conf # and the /etc/resolv.conf file. "host" therefore is system configuration # dependant. This parameter is most often of use to prevent DNS lookups # in order to resolve NetBIOS names to IP Addresses. Use with care! # The example below excludes use of name resolution for machines that are NOT # on the local network segment # - OR - are not deliberately to be known via lmhosts or via WINS. ; name resolve order = wins lmhosts bcast # Windows Internet Name Serving Support Section: # WINS Support - Tells the NMBD component of Samba to enable it's WINS Server ; wins support = yes # WINS Server - Tells the NMBD components of Samba to be a WINS Client # Note: Samba can be either a WINS Server, or a WINS Client, but NOT both ; wins server = w.x.y.z # WINS Proxy - Tells Samba to answer name resolution queries on # behalf of a non WINS capable client, for this to work there must be # at least one WINS Server on the network. The default is NO. ; wins proxy = yes # DNS Proxy - tells Samba whether or not to try to resolve NetBIOS names # via DNS nslookups. The built-in default for versions 1.9.17 is yes, # this has been changed in version 1.9.18 to no. ; dns proxy = no ; winbind uid = 16777216-33554431 ; winbind gid = 16777216-33554431 ; restrict anonymous = no ; domain master = no ; preferred master = no ; max protocol = NT ; ldap ssl = No ; server signing = Auto ; guest account = nscd # Un-comment the following and create the netlogon directory for Domain Logons #[netlogon] ; comment = Network Logon Service ; path = /home/netlogon ; guest ok = yes ; writable = no ; share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /home/profiles ; browseable = no ; guest ok = yes #============================ Share Definitions ============================== [share] comment = ServerName files path = /share public = no browseable = yes writable = yes # create mask = 0770 # directory mask = 0770 [home] comment = Home Directories path = /home/%u browseable = yes writable = yes #=========================== Other Examples ================================= # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group ;[public] ; comment = Public Stuff ; path = /home/samba ; public = yes ; read only = yes ; write list = @staff # Other examples. # # A private printer, usable only by fred. Spool data will be placed in fred's # home directory. Note that fred must have write access to the spool directory, # wherever it is. ;[fredsprn] ; comment = Fred's Printer ; valid users = fred ; path = /homes/fred ; printer = freds_printer ; public = no ; writable = no ; printable = yes # A private directory, usable only by fred. Note that fred requires write # access to the directory. ;[fredsdir] ; comment = Fred's Service ; path = /usr/somewhere/private ; valid users = fred ; public = no ; writable = yes ; printable = no # a service which has a different directory for each machine that connects # this allows you to tailor configurations to incoming machines. You could # also use the %u option to tailor it by user name. # The %m gets replaced with the machine name that is connecting. ;[pchome] ; comment = PC Directories ; path = /usr/pc/%m ; public = no ; writable = yes # A publicly accessible directory, read/write to all users. Note that all files # created in the directory by users will be owned by the default user, so # any user with access can delete any other user's files. Obviously this # directory must be writable by the default user. Another user could of course # be specified, in which case all files would be owned by that user instead. ;[public] ; path = /usr/somewhere/else/public ; public = yes ; only guest = yes ; writable = yes ; printable = no # The following two entries demonstrate how to share a directory so that two # users can place files there that will be owned by the specific users. In this # setup, the directory should be writable by both users and should have the # sticky bit set on it to prevent abuse. Obviously this could be extended to # as many users as required. ;[myshare] ; comment = Mary's and Fred's stuff ; path = /usr/somewhere/shared ; valid users = mary fred ; public = no ; writable = yes ; printable = no ; create mask = 0765 # Pre-share, read linux minibook pg78 for details ;[temp] ; comment = Shared temporary space ; path = /tmp ; writeable = yes ; guest ok = yes ;[gerry] ; path = /home/gerry ; writeable = no ; browseable = yes ; guest ok = yes |
All times are GMT -5. The time now is 04:53 AM. |